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REMARKS 

In the non-final rejection, the Examiner rejects claims 1-16, 19-28, 34-40, 44-50, 
52, and 53 under 35 U.S.C. § 103(a) as unpatentable over WIN et al. (U.S. Patent No. 
6,182,142) in view of THEIMER et al. (U.S. Patent No. 5,649,099); and rejects claims 
17, 18, 41, and 42 under 35 U.S.C. § 103(a) as unpatentable over WIN et al. in view of 
THEIMER et al. and COLEY et al. (U.S. Patent No. 5,826,014). Applicants respectfully 
traverse these rejections. 1 

At the outset, Applicants submit that the Examiner does not address claim 51 in 
the Office Action, but rejects claims 52 and 53, which depend from claim 51, under 35 
U.S.C. § 103(a) as unpatentable over WIN et al. in view of THEIMER et al. (Office 
Action, pp. 6-7). Therefore, Applicants submit that the rejection of claims 52 and 53 
under 35 U.S.C. § 103(a) as unpatentable over WIN et al. in view of THEIMER et al. is 
improper . As such, Applicants respectfully request that the Examiner properly address 
claim 51-53 in a subsequent Office Action. 

Claims 1-16, 19-28, 34-40, 44-50, 52, and 53 stand rejected under 35 U.S.C. § 
103(a) as allegedly unpatentable over WIN et al. in view of THEIMER et al. Applicants 
respectfully traverse this rejection. 

Claim 1 recites a method for accessing resources on a private network via an 
intermediary server. The method includes receiving a login request from a user for 

1 As Applicants' remarks with respect to the Office Action's rejections are sufficient to overcome these 
rejections, Applicant's silence as to assertions by the Office Action or certain requirements that may be 
applicable to such rejections (e.g., whether a reference constitutes prior art, motivation to combine 
references, assertions as to dependent claims, etc.) is not a concession by Applicants that such assertions 
are accurate or such requirements have been met, and Applicants reserve the right to analyze and dispute 
these assertions/requirements in the future. 
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access to the intermediary server; authenticating the user in response to the login request; 
receiving a resource request from the authenticated user at the intermediary server, the 
resource request requesting a particular operation with respect to a resource from the 
private network; obtaining access privileges for the authenticated user in response to the 
resource request; determining if the access privileges for the authenticated user permit the 
authenticated user to perform the particular operation at the private network; and 
preventing, by the intermediary server, performance of the particular operation at the 
private network if the access privileges for the authenticated user do not permit the 
authenticated user to perform the particular operation at the private network. WIN et al. 
and THEIMER et al, whether taken alone or in any reasonable combination, do not 
disclose or suggest this combination of features. 

For example, WIN et al. and THEIMER et al. do not disclose or suggest 
preventing, by an intermediary server, performance of a particular operation at a private 
network if access privileges for the authenticated user do not permit the authenticated 
user to perform the particular operation at the private network. The Examiner relies on 
reference 322 of WIN et al. and Fig. 1A and column 7, line 54 - column 9, line 67 (which 
describes Fig. 1A) of THEIMER et al. as allegedly disclosing this feature (Office Action, 
pg. 3). Applicants respectfully disagree with the Examiner's interpretation of WIN et al. 
and THEIMER et al. 

Reference 322 of WIN et al. illustrates a state in which a user does not have 
authorization and a Runtime Module returns a redirection to a pre-defined URL (column 
8, line 65- column 9, line 2). On page 2 of the Office Action, the Examiner alleges that 



-3- 



PATENT 

U.S. Patent Application No. 10/060,792 
Attorney Docket No. 0023-0220 

Access Server 106 corresponds to the intermediary server of claim 1. However, WIN et 
al. discloses that state 322 is performed by Protected Server 104, not by Access Server 
106 (see column 7, line 40 - column 9, line 21). Therefore, WIN et al. does not disclose 
or suggest preventing, by an intermediary server, performance of a particular operation at 
a private network if the access privileges for the authenticated user do not permit an 
authenticated user to perform the particular operation at the private network, as recited in 
claim 1. 

At column 7, line 54 - column 9, line 67, THEIMER et al. generally discloses a 
system that includes a client, a server, and one or more intermediaries that are connected 
to one another via a communications network. This section of THEIMER et al. further 
discloses two-party authentication, such that the server can identify or authenticate the 
client and each intermediary. This section of THEIMER et al. does not mention 
preventing performance of an operation by an intermediary server. Therefore, this 
section of THEIMER et al. cannot disclose or suggest preventing, by an intermediary 
server, performance of a particular operation at a private network if the access privileges 
for the authenticated user do not permit an authenticated user to perform the particular 
operation at the private network, as recited in claim 1. 

For at least the foregoing reasons, Applicants submit that claim 1 is patentable 
over WIN et al. and THEIMER et al., whether taken alone or in any reasonable 
combination. 
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Claims 2-16 depend from claim 1. Therefore, these claims are patentable over 
WIN et al. and THEIMER et al., whether taken alone or in any reasonable combination, 
for at least the reasons given above with respect to claim 1 . 

Claim 19 recites a method for providing remote access to a private network via an 
intermediary server. The method includes receiving a login request from a remote user 
for access to the intermediary server; determining whether the remote user is permitted 
access to the intermediary server based on the login request; granting the remote user 
access to the intermediary server if the remote user is permitted access to the 
intermediary server, the granted access carrying access privileges to a portion the private 
network; receiving a resource request from the remote user at the intermediary server if 
the remote user is granted access to the intermediary server, the resource request 
requesting a particular resource on the private network; determining whether the resource 
request from the remote user is permitted by the access privileges; supplying the 
particular resource to the remote user through the intermediary server if the resource 
request from the remote user is permitted by the access privileges; and denying the 
remote user from access to the particular resource by the intermediary server if the 
resource request from the remote user is not permitted by the access privileges. WIN et 
al. and THEIMER et al, whether taken alone or in any reasonable combination, do not 
disclose or suggest this combination of features. 

For example, WIN et al. and THEIMER et al. do not disclose or suggest 
supplying a particular resource to a remote user through an intermediary server if the 
resource request from the remote user is permitted by the access privileges. The 
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Examiner relies on Fig. 3C of WIN et al. and Fig. 1 A and column 7, line 54 - column 9, 
line 67 (which describes Fig. 1A) of THEIMER et al. as allegedly disclosing this feature 
(Office Action, pg. 5). Applicants respectfully disagree with the Examiner's 
interpretation of WIN et al. and THEIMER et al. 

Fig. 3C of WIN et al. illustrates a state diagram showing processes carried out 
when a URL is a protected resource and a user is authenticated (column 8, lines 45-47). 
On page 4 of the Office Action, the Examiner alleges that Access Server 106 of WIN et 
al. corresponds to the intermediary server of claim 19. However, according to Fig. 3C of 
WIN et al., Access Server 106 does not supply Resource Page 308. Rather, Resource 
Page 308 is supplied by HTTP server 202 within Protected Server 104 (see Fig. 2 and 
Fig. 3C). Therefore, WIN et al. does not disclose or suggest supplying a particular 
resource to a remote user through an intermediary server if the resource request from the 
remote user is permitted by the access privileges, as recited in claim 19. 

As noted above, at column 7, line 54 - column 9, line 67, THEIMER et al. 
generally discloses a system that includes a client, as server, and one or more 
intermediaries that are connected to one another via a communications network. This 
section of THEIMER et al. further discloses two-party authentication, such that the server 
can identify or authenticate the client and each intermediary. This section of THEIMER 
et al. does not mention supplying a resource to a remote user through an intermediary 
server. Therefore, this section of THEIMER et al. cannot disclose or suggest supplying a 
particular resource to a remote user through an intermediary server if the resource request 
from the remote user is permitted by the access privileges, as recited in claim 19. 



-6- 



PATENT 

U.S. Patent Application No. 10/060,792 
Attorney Docket No. 0023-0220 

For at least the foregoing reasons, Applicants submit that claim 19 is patentable 
over WIN et al. and THEIMER et al., whether taken alone or in any reasonable 
combination. 

Claims 20-28 depend from claim 19. Therefore, these claims are patentable over 
WIN et al. and THEIMER et al., whether taken alone or in any reasonable combination, 
for at least the reasons given above with respect to claim 19. 

Independent claims 34 and 44 recite features similar to (yet possibly of different 
scope than) features recited above with respect to claims 1 and 19, respectively. 
Therefore, Applicants submit that claims 34 and 44 are patentable over WIN et al. and 
THEIMER et al, whether taken alone or in any reasonable combination, for at least 
reasons similar to reasons given above with respect to claims 1 and 19. 

Claims 35-40 depend from claim 34. Therefore, these claims are patentable over 
WIN et al. and THEIMER et al., whether taken alone or in any reasonable combination, 
for at least the reasons given above with respect to claim 34. 

Claims 45-50 depend from claim 44. Therefore, these claims are patentable over 
WIN et al. and THEIMER et al, whether taken alone or in any reasonable combination, 
for at least the reasons given above with respect to claim 44. 

Claim 51 recites an intermediary server system that includes means for sending a 
modified resource to a client; mean for receiving a request for a resource from the client; 
means for forwarding the received request to a remote server through a private network; 
means for receiving the resource from the remote server in response to the forwarded 
request; means for replacing a link in the received resource with a link that points to the 
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intermediary server system to obtain the modified resource; means for authenticating the 
client, the means for authenticating the client included in a device that hosts the means 
for sending the modified resource to the client and the means for receiving the request; 
and means for controlling client access to the requested resource based on authentication 
information and access information. WIN et al. and THEIMER et al., whether taken 
alone or in any reasonable combination, do not disclose or suggest this combination of 
features. The Examiner does not address the above features of claim 51 in the Office 
Action. Therefore, a prima facie case of obviousness has not been established with 
respect to claim 5 1 . 

For at least the foregoing reason, Applicants submit that claim 51 is patentable 
over WIN et al. and THEIMER et al., whether taken alone or in any reasonable 
combination. 

Claims 52 and 53 depend from claim 51. Therefore, these claims are patentable 
over WIN et al. and THEIMER et al., whether taken alone or in any reasonable 
combination, for at least the reasons given above with respect to claim 5 1 . 

Claims 17, 18, 41, and 42 stand rejected under 35 U.S.C. § 103(a) as allegedly 
being unpatentable over WIN et al. in view of THEIMER et al. and COLEY et al. 
Applicants respectfully traverse this rejection. 

Claims 17 and 18 depend from claim 1. Without acquiescing in the rejection of 
claims 17 and 18, Applicants submit that the disclosure of COLEY et al. does not remedy 
the deficiencies in the disclosures of WIN et al. and THEIMER et al. set forth above with 
respect to claim 1. Therefore, claims 17 and 18 are patentable over WIN et al, 
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THEIMER et al., and COLEY et al., whether taken alone or in any reasonable 
combination, for at least the reasons given above with respect to claim 1. 

Claims 41 and 42 depends from claim 34. Without acquiescing in the rejection of 
claims 41 and 42, Applicants submit that the disclosure of COLEY et al. does not remedy 
the deficiencies in the disclosures of WIN et al. and THEIMER et al. set forth above with 
respect to claim 34. Therefore, claims 41 and 42 are patentable over WIN et al, 
THEIMER et al. and COLEY et al., whether taken alone or in any reasonable 
combination, for at least the reasons given above with respect to claim 34. 
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In view of the foregoing remarks, Applicants respectfully request the Examiner's 
reconsideration of this application, and the timely allowance of the pending claims. 

To the extent necessary, a petition for an extension of time under 37 C.F.R. § 
1.136 is hereby made. Please charge any shortage in fees due in connection with the 
filing of this paper, including extension of time fees, to Deposit Account No. 50-1070 
and please credit any excess fees to such deposit account. 

Respectfully submitted, 
Harrity Snyder, L.L.P. 



By: /Meagan S. Walling, Reg. No. 60,1 12/ 
Meagan S. Walling 
Registration No. 60,112 

Date: January 2, 2008 

1 1350 Random Hills Road 
Suite 600 

Fairfax, Virginia 22030 
(571)432-0800 

Customer Number: 44987 
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